AW: [Openswan Users] L2TP-IPsec with NAT-passthrough
(UDP-checksum)problem
Paul Wouters
paul at xelerance.com
Wed Sep 29 02:00:30 CEST 2004
On Tue, 28 Sep 2004, Andreas Kemper wrote:
> No, NAT-T definitely does not work with these passthrough routers. I tried
> it once with a "real" NAT-device (by means of "iptables" on a linux box),
> where it's been working properly.
>
> Well, now I'm pretty sure that this might be a particular problem of my
> combination of Kernel 2.4.25 and OSW 1.0.3.
These two statements contradict each other. If your nat box is breaking
things, switching kernels or openswan won't help you.
> Thus I tried the original SuSE 2.4.21-2xx kernel (from version 9.0).
> Unfortunately, there I had some problems with the configuration. After
> startup without any existing tunnels, two routes with 0.0.0.0/0 and
> 128.0.0.0/0 destination have been set-up on "ipsec0" towards the standard
> gateway. Following startup the entire machine wasn't reachable over the
> network anymore. ;-(
include /etc/ipsec.examples/no_oe.conf
> Does anyone know, whether I can use the SuSE 9.0 binary RPM for SuSE 9.1 as
> well??
Teh binaries we build we build on 9.1. (ftp.openswan.org/openswan/binaries/Suse-RPMS/
Paul
--
"Non cogitamus, ergo nihil sumus"
More information about the Users
mailing list